Facebook post gets Navy veteran fired

A US Navy veteran lost his job with a hotel in Missouri after he posted a few photos to his Facebook page. What was in those photos? A group of Department of Homeland Security vehicles. That were parked in the hotel garage. Apparently, the hotel’s security chief called the man “a terrorist.”

Legally, the hotel may be in the right if Missouri is an employment-at-will state. But the hotel looks dumber than a bag of hammers. The vans were in a public parking garage, visible to anyone driving or walking in the garage, and weren’t hidden in any fashion. How putting the photos up on Facebook amounts to an act of terrorism is…well…it doesn’t pass the giggle test.

As a civil libertarian at heart, what really bothers me about this incident is that the hotel is telling its employees, “If you do something legal that could make us look like we don’t support the Department of Homeland Security, you’ll lose your job.” This kind of economic threat can be used to chill the constitutionally protected speech of its employees.

It may be legal, but that doesn’t make it right.

Who should be more embarrassed?

Ars Technica reports that one of the top cybercriminals wanted by the FBI had a ridiculously easy password. It was his cat’s name.

So, who committed the bigger blunder here? The criminal, or the FBI’s agents who didn’t bother to use standard passwords like pet names (or even a dictionary attack)?

I think the criminal wins this contest by an edge. No matter how notorious the guy is, he’s an idiot for not using a more secure password.

A high tech legal battle anyone can understand

You may not realize it, but every day you probably use software that takes advantage of application programming interfaces (APIs). Basically, an API is a set of specifications that lets one piece of software talk to another. When you use an app on your iOS or Android device, the app uses APIs to communicate with the operating system. Or, as an Electronic Frontier Foundation court brief explains it,

So when you type a letter in a word processor, and hit the print command, you are using an API that lets the word processor talk to the printer driver, even though they were written by different people.

The United States Court of Appeals for the Federal Circuit recently held that APIs are protected by copyright law. If the ruling stands, it means the API owners can decide which applications will get to use the API and which ones won’t. If an API owner decided to punish Microsoft, for example, it could decide that Microsoft Word could not use the API to connect to printers, yet continue to allow WordPerfect users to print seamlessly. The result would mean Microsoft would either have to pay for access to the API or dedicate resources to developing its own API.

The Federal Circuit seems to have misunderstood the difference between specifications and computer code. The specifications are akin to standardization of certain things. Light bulbs, for example, use standard sizes so you can buy a bulb from GE, Sylvania, Philips, or anyone else and know it will fit in your lamp at home. Imagine the chaos in your local Home Depot if such standardization did not exist. I had a similar experience recently when I needed to buy a quart of motor oil that met a certain manufacturer’s specification. I stood for five minutes in Auto Zone reading the fine print on several different types of motor oil until I found the right one.

At this point, there is no indication whether the Supreme Court of the United States will review the Federal Circuit’s decision. Let’s hope it does and that wiser minds prevail.

A collision of the law, technology, and the brain

You sit quietly in a chair as brain wave sensors are placed on your head. These are no ordinary sensors, though—they can also transmit waves to the brain. The attendant asks if you’re ready, and after a brief nod and smile, the attendant presses a button. Your brain is inundated with signals. You are immediately experience…perhaps whatever you want.

Sounds like science fiction, right? Or an Arnold Schwarzenegger movie. But according to futurist and physicist Dr. Michio Kaku, this may soon be a reality. In August, the Wall Street Journal published an essay by Dr. Kaku in which he outlined the progress science is making with the brain. As unbelievable as it sounds, scientists have already successfully “uploaded” memories to animals. How far away are we from the following scenarios?

  • Your mind and memories can be digitized and stored on physical media, perhaps for the purpose of restoration after an accident or injury? Or maybe just to let you “check out” for a number of years? (Check out the concept of “deadheading” in Cory Doctorow’s Down and Out in the Magic Kingdom.)
  • Memories can be created and uploaded to your brain—as Dr. Kaku suggests in his essay, letting you experience the vacation you never took.
  • Physical sensations such as pain can be uploaded to the brains of jurors in personal injury cases. (This idea came to me courtesy of our local federal magistrate judge, who shared Dr. Kaku’s essay with me.)

It’s not hard to start thinking of the potential legal issues that these and other scenarios raise. Who will retain the legal rights to your memories—true intellectual property? Will there be remedies for improper distribution of your memories? Will your heirs have access to those memories? Can you prohibit your heirs from having access to certain memories? Does “deadheading” constitute a form of assisted suicide? How do we assess the accurate depiction of pain that might be uploaded to a juror’s mind? Could a juror refuse to allow the memories to be erased since they are now part of her mind? Will appellate judges be able to experience memories received into evidence in order to assess the validity of damage awards?

For most of us, we will never have to confront or litigate these issues. But for our young people who are attending law school today, these might be the hot legal topics in their careers.

Apple Pay v. CurrentC

Paying for merchandise at a store can be a pain. You go up to the counter, watch as your items are rung up, dig in your wallet for a credit card or debit card, and hand it to the cashier. After your purchases are bagged, you head out the door—left to wonder whether the retailer you just visited will be hacked as Target was earlier this year.

Convenience and security are the two selling points behind Apple Pay. If you have one of the new iPhone 6 or 6 Plus phones, you can simply pull it out, put it near the reader while touching the Touch ID sensor, and voila—you’ve paid for your purchase. I must admit, I do not fully understand the security details that purportedly protect your credit card number. Apple’s Tim Cook has bragged about the tough security, but that doesn’t mean the system is secure.

News came out last week that major retailers like Wal-Mart, CVS, and Best Buy were not going to use Apple Pay (or Google Wallet) since they were signed onto a retailer-developed system known as CurrentC. But the news has broken this week that CurrentC has been hacked. It’s not a major security breach because the hackers only got email addresses of users. But this doesn’t do much to bolster consumer confidence in the system.

In the past year, I’ve had to have new account numbers issued for at least three credit cards. The little I understand about Apple’s system tells me that it doesn’t actually transmit your credit card number to the retailer but instead uses some kind of “burnable” temporary number. That’s appealing, but since I do not have an iPhone 6 (my wife got the upgrade this year) Apple Pay is not going to be anything I use anytime soon. All I know is, I want something more secure than we have now.

Security is hard, and the type of security that Apple and its competitors are trying to implement is very, very hard. Breaches will be inevitable in any system, just as a determined burglar will get into any home regardless of the security systems in place. Heck, prisons are among the most secure places in the U.S., and we cannot keep weapons and other contraband from being smuggled in. Apple, CurrentC, and other providers are going to have to get things right and hope to stay one step ahead of the hackers. That will be no easy task.